- signature layer for appcachestorage sync changed to memory type
- obsolete post view removed

erp5_discussion: initial commit for discussion tool (WIP)

erp5_officejs: web site and gadgets for discussion tool

erp5_officejs_connector: forms for discussion tool

erp5_post: html post jio view for discussion tool

erp5_officejs_ui_test: unit tests for discussion tool

[HARDCODED] only discussion tool tests

erp5_discussion: adding officejs dependency to install the discussion tool site

testing a fix for migration test in discussion tool

erp5_hal_json_style: hateoas script extended to retrieve raw form definition

erp5_officejs: rendering form on JS side
- hardcoded JSON was removed
- form definition is get from jio storage (erp5 for now)
- rendering is done in controller.js using form definition and context (jio document)

erp5_officejs_connector: changes on HTML post view as jio for discussion tool

erp5_post: changes on html post view for discussion tool

erp5_officejs: store json form definition in indexedDB

erp5_officejs: adding a layer in jio data storage to replicate appcache content

erp5_officejs: bug fix - missing resource in appcache file

WIP: erp5_officejs: replicate appcache content into local storage

erp5_officejs: new file manifest to list form json urls and other configurations
- this prevents the appcache-local storage sync to store unnecessary resources like gadgets

erp5_officejs: replicate appcache content into local storage
- configurations like form definitions are saved as objects into data-storage.metadata to allow jio.get

erp5_officejs: minor fixes and cleanup

erp5_officejs: include non-json resources from appcache as blobs

WIP erp5_officejs: getting rid of editable view for form rendering

erp5_officejs: got rid of editable view form and using gadget_erp5_form directly

erp5_officejs: removing unnecessary redirect

erp5_officejs_ui_test: updating test

erp5_officejs: fix in appcachestorage sync

[HARCODED]  erp5_hal_json_style: remove permission controls to appcache hatoas return-dict

erp5_officejs: removing comments in appcache manifest

erp5_officejs: revert get rid of editable view
- editable view is generic enough for form editing, so it will be kept
- but submit handling is done in controller gadget

erp5_officejs: cleanup in controller html

erp5_officejs: bug fixing on storage migration
- new appcachestorage hash layer is created when new storage is selected

erp5_hal_json_style: missing jio_view action in ERP5 Form portal type
- needed to get the form definition from hateoas script

erp5_officejs: new parameter appcache in hateoas script
- this new parameter disable permission check when hateoas is called by bootloader
- appcache storage sync is canceled if storage requires authentication
- WIP: redirect to login not working

erp5_officejs: extra controls in appcachestorage sync error handling

erp5_officejs: logging more error details for failing unit test

erp5_officejs: more error logging for tests
- attempt to fix test

erp5_officejs: more details in log for test

erp5_officejs: adding configuration manifest explicitly
- even is it committed, test fails due to "can't get manifest"

erp5_officejs: using old appcache manifest instead of the configuration one

erp5_officejs: no need of explicitly commit the configuration manifest or use old manifest
- the test failed the same with both attempts

erp5_officejs_ui_test: add a check for manifest configuration file

erp5_officejs_ui_test: fix in configuration manifest url

erp5_officejs: attempt to fix unit test appcache sync

erp5_officejs_ui_test: cleanup

erp5_officejs: clean up after test fix

erp5_hal_json_style: fix permission issue for appcache storage sync
- new parameter added for this scenario

[HARDCODED] erp5_hal_json_style: forcing value of html post action jio_view

erp5_hal_json_style: error handling in hardcoded action value

[WIP] erp5_officejs: get rid of hardcoded form name in controller gadget
- form name comes from the document portal type action
- for now, path to action is hardcoded. It will come from a allDocs query (not implemented yet in appcachestorage sync)

erp5_hal_json_style: fix test due to hardcode

erp5_officejs: jio_allDocs queries can be done on local data storage after appcachestorage sync

erp5_officejs: missing hateoas urls in appcache and configuration manifests

Removing unnecessary modified files from merge request

erp5_officejs: minor refactoring

erp5_officejs: code cleanup

With recent changes in CMFActivity, getServerAddress is now used
when setting up the site, before the ZServer is started, which means:
- getServerAddress memoized a wrong return value;
- the test didn't fail with --load.

The button "Subscribe/Unsubscribe from Timer Service" does not clearly 
explain the fact that it determines whether or not Alarms are enabled in
ERP5. It is very counter-intuitive to see Alarms on "enabled" in the 
"Configure Alarms" screen and yet not have them being run because the
Alarm Node is not subscribed to the Timer Service.

/reviewed-on nexedi/erp5!539

Since the introduction of ERP5 Login, authentication by Access Token is broken, and it is only working if `erp5_login.getReference() == person.getUserId()`

The scriptable part of access token changed, now scripts must return a user object - on which the plugin will call `getUserId` (it was not clear what they should return before, maybe login, but they should return a user id, not a login, as the token plays the same role as a login). To make it clear and to intentionally break compatibility as this is now something different, these scripts have been renamed to be `getUserValue` type based methods.

/reviewed-on nexedi/erp5!838

(because my editor runs python3 pytlint)

/reviewed-on nexedi/erp5!839

This fallback seems useless in this context, getClientAddr should be
available.

This test does not need to create an actual user as it just check
plugin extract login & password from request.
This test does not need to install the plugin in PAS, the actual check
instanciate another ERP5DumbHTTPExtractionPlugin.

- no longer needed to have same user id and logins.
- upgrader activate the plugin

This keep the current behavior. Invalidating all logins is also a way to
disable login for this user without having to find all tokens and
invalidate them one by one

for compatibility with login/password

Because this was broken, we took the liberty to introduce a breaking
change to fix naming, now type based scripts are *_getUserValue and must
return a user document, with a getUserId method returning the user id.

Make this plugin also an IAuthenticationPlugin which does all the job of
returning the user id.
It does not really make sense to delegate this to default authenticator.
A side effect is that token can still authenticate users with no
assignments, since tokens are scriptable, if this is a requirement, it
can be implemented in scripts.

also update test:

 - plugin must be enabled for IAuthenticationPlugin
 - check complete authentication sequence, not just extraction
 - update scripts to new names
 - simplify transaction management
 - don't set self.person, it was not used anywhere
 - update _createPerson to reindex, as said in docstring
 - merge all tests in on test component

benefit is very small and unusable for user

nexedi/erp5@1f254aa7

This is called when checking access permission on objects, which happens
very often. CachingMethod has a hit cost which is too high for this use.
Instead, generate this method as part of the portal type class, removing
all call-time logic.

It is superseded by __self__, which (where applicable) prevents
acquisition and getattr-based traversal, improving performance.
Patch AccessControl.users.BasicUser._check_context to extend this change
to zope code (and simplify it in the process).
Also, make __ac_local_roles__ accesses consistent with other places in
our own code as well as in PAS & AccessControl.

getRoles is called a lot (on every restricted access, so hundreds of times
per transaction), it is definitely not the right place to do extra
computation, especially when their result does not change from one call
to the next (configuration should only change on process restart, so not
during a transaction - and even if it someday did, it should be fine to
wait for next transaction for it to take effect).
Instead, do the extra work when creating the user (typically once per
transaction).
Also, modernise python syntax (simplifications & style).
Also, reduce code duplication from ERP5Security.ERP5UserFactory.

Simplifies callers, as they then do not have to test for None.
Also, use sort(key=...), which removes the need for internal 2-tuple
wrapping & unwrapping of all result entries.
Also, coding style (helps line-based profiling readability) & better
naming.

Include worklist parameter generation in the scope of existing cache.
Otherwise, it will be generated in pure loss if it is followed by a cache
hit. Most of WorkflowTool change is just indentation change.

Also, do some minor optimisations/simplifications in patchess.DCWorkflow.
Some comments:
- Guard_checkWithoutRoles return value is evaluated as a boolean, so no
  need to cast to int before returning based on boolean evaluation...
- DCWorkflowDefinition.worklists is always true, even when empty.
- Listing portal types per workflow requires checking all workflows, so
  build the whole mapping and cache it instead of caching for each workflow
  type individually (many more cache hits, fewer redundant computations)
- getVarMatch is expensive just for a fallback and a wrap, bypass it to
  reduce redundant work.

Backward-compatibility path does not need to be fast. Optimise for sane
folders.

This improves performance when unset protected properties are being
accessed.

In contrary to the ParentDeliveryPropertyMovementGroup for property, it has
never actually checked the parent Delivery but the current one.

This also avoids KeyError exceptions when Activities have already been processed
in the meantime.

These extensions does not seem to be used.

/reviewed-on nexedi/erp5!845

Test was never ending processing activities:

```
2019-03-11T03:09:20 WARNING CMFActivity invalid after_path_and_method_id value: ('/erp5/organisation_module/2', 'immediateRecusriveReindexObject', 'immediateReindexObject')
Traceback (most recent call last):
  File "product/CMFActivity/Activity/SQLBase.py", line 319, in getValidationSQL
    validate_list.append(' AND '.join(method(v, quote)))
  File "product/CMFActivity/Activity/SQLBase.py", line 345, in _validate_after_path_and_method_id
    path, method_id = value
ValueError: too many values to unpack
2019-03-11T03:09:20 WARNING CMFActivity invalid after_path_and_method_id value: ('/erp5/organisation_module/2', 'immediateRecusriveReindexObject', 'immediateReindexObject')
Traceback (most recent call last):
  File "product/CMFActivity/Activity/SQLBase.py", line 319, in getValidationSQL
    validate_list.append(' AND '.join(method(v, quote)))
  File "product/CMFActivity/Activity/SQLBase.py", line 345, in _validate_after_path_and_method_id
    path, method_id = value
ValueError: too many values to unpack
2019-03-11T03:09:20 WARNING CMFActivity invalid after_path_and_method_id value: ('/erp5/organisation_module/2', 'immediateRecusriveReindexObject', 'immediateReindexObject')
Traceback (most recent call last):
  File "product/CMFActivity/Activity/SQLBase.py", line 319, in getValidationSQL
    validate_list.append(' AND '.join(method(v, quote)))
  File "product/CMFActivity/Activity/SQLBase.py", line 345, in _validate_after_path_and_method_id
    path, method_id = value
ValueError: too many values to unpack
2019-03-11T03:09:20 ERROR CMFActivity message uid 7256619472683296857L has a circular dependency
 ```

Fix this failing test by using the proper `after_path_and_method_id` syntax and also some other small changes to make the test fail earlier in case of problems.

/reviewed-on nexedi/erp5!844

erp5_ui_long is too long for user to use fast input for the following scenario:
1. user create purchase order
2. user use fast input to enter product with reference 324214(a missing product)
3. user type 324214 in fast input, it found nothing in Product or Service
4. then user create such product 324214
5. then user go back to purchase order and type again 324214
since previous result is still cached for one hour and user still can't find it.

in one hour, user is not available to add such product

The fixes a missing rename in
commit cee3e728.

Check that global and local roles (which are not supposed to be used) actually
do not affect permissions.

For consistency with ERP5TypeTestCase.tic for server side unit test, use
timeShift to simulate a progress in time so that activities scheduled
for executation at a later time ( using activate(at_date=...) ) are
executed.

Otherwise in the worst case we sleep for 1000 seconds.

verify* style assertion continue test execution, whereas assert* mark test as failed.
If something went wrong, better to exit early.

Update relation field input value only on demand,
changing the state of a relation_input gadget with value_text = ""
now updates the field.

You can reproduce by doing :
- open an object in tab "View" with a relation field (eg my_successor_title) filled
- open a new tab, and edit the field to make it empty
- from the first tab, refresh the view by click on the left panel "View" tab
- the relation field should be emptied.